与凭证WebClient的访问页面 [英] WebClient accessing page with credentials
问题描述
我试图访问在同一个域/同样的asp.net应用程序的网页,这是密码保护。凭据都对网页射击这个呼叫,网页被访问一样的。
下面是code,我不知道为什么我总是一个登录表单HTML code结了?
使用(Web客户端的客户端=新的WebClient())
{
client.QueryString.Add(ID,1040); //添加参数
//client.Credentials = CredentialCache.DefaultCredentials;
//我尝试添加这样的凭据
client.Credentials =新的NetworkCredential(用户名,密码); 字符串HTML code = client.DownloadString(HTTP://domain.loc/testpage.aspx);
}
我怀疑您试图访问的网页使用窗体身份验证。这意味着你必须提供有效的身份验证cookie,如果你希望能够访问受保护的资源。而为了获得有效的身份验证cookie,你将不得不通过发送POST请求发射cookie中的登录页面先验证自己。当你获得这个cookie的,你将能够沿着发送关于保护资源的后续请求。你也应该注意到,开箱 Web客户端不支持cookie的。出于这个原因,你可以写一个自定义的cookie识别Web客户端:
公共类CookieAwareWebClient:Web客户端
{
公共CookieAwareWebClient()
{
的CookieContainer =新的CookieContainer();
}
公众的CookieContainer的CookieContainer {搞定;私人集; } 保护覆盖的WebRequest GetWebRequest(URI地址)
{
VAR请求=(HttpWebRequest的)base.GetWebRequest(地址);
request.CookieContainer =的CookieContainer;
返回请求;
}
}
现在你可以使用该客户端来断火的2请求:
使用(VAR的客户=新CookieAwareWebClient())
{
VAR值=新的NameValueCollection
{
{用户名,约翰},
{密码,秘密},
};
client.UploadValues(HTTP://domain.loc/logon.aspx,值); //如果previous调用成功,我们现在有一个有效的身份验证cookie
//所以我们可以下载受保护的页面
字符串结果= client.DownloadString(HTTP://domain.loc/testpage.aspx);
}
显然,由于ASP.NET的ViewState的crapiness你可能需要发送一些其他的参数沿着你的登录请求。这里是你可以做:在Web浏览器进行身份验证,并与萤火虫看起来需要发送的确切参数和标题
I am trying to access a webpage on a same domain / same asp.net application, that is password protected. Credentials are the same both for webpage firing this call and webpage being accessed.
Here is the code, and I don't know why I always end up with a login form html code?
using (WebClient client = new WebClient())
{
client.QueryString.Add("ID", "1040"); //add parameters
//client.Credentials = CredentialCache.DefaultCredentials;
//I tried to add credentials like this
client.Credentials = new NetworkCredential("username", "password");
string htmlCode = client.DownloadString("http://domain.loc/testpage.aspx");
}
I suspect that the web page that you are trying to access uses Forms Authentication. This means that you will have to provide a valid authentication cookie if you want to be able to access protected resources. And in order to obtain a valid authentication cookie you will have to first authenticate yourself by sending a POST request to the LogOn page which emits the cookie. Once you retrieve the cookie you will be able to send it along on subsequent requests on protected resources. You should also notice that out of the box WebClient doesn't support cookies. For this reason you could write a custom cookie aware web client:
public class CookieAwareWebClient : WebClient
{
public CookieAwareWebClient()
{
CookieContainer = new CookieContainer();
}
public CookieContainer CookieContainer { get; private set; }
protected override WebRequest GetWebRequest(Uri address)
{
var request = (HttpWebRequest)base.GetWebRequest(address);
request.CookieContainer = CookieContainer;
return request;
}
}
Now you could use this client to fire off the 2 requests:
using (var client = new CookieAwareWebClient())
{
var values = new NameValueCollection
{
{ "username", "john" },
{ "password", "secret" },
};
client.UploadValues("http://domain.loc/logon.aspx", values);
// If the previous call succeeded we now have a valid authentication cookie
// so we could download the protected page
string result = client.DownloadString("http://domain.loc/testpage.aspx");
}
Obviously due to the ViewState crapiness of ASP.NET you might need to send a couple of other parameters along your logon request. Here's what you could do: authenticate in a web browser and look with FireBug the exact parameters and headers that need to be sent.
这篇关于与凭证WebClient的访问页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
